Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
C
cpython
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
cpython
Commits
1e65159b
Commit
1e65159b
authored
Oct 10, 2012
by
Chris Jerdonek
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Backport from 3.2: Fix placement of shell=True warning in subprocess.Popen() docs.
parent
2a6672b1
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
8 additions
and
11 deletions
+8
-11
Doc/library/subprocess.rst
Doc/library/subprocess.rst
+8
-11
No files found.
Doc/library/subprocess.rst
View file @
1e65159b
...
...
@@ -243,8 +243,8 @@ default values. The arguments that are most commonly needed are:
untrusted source makes a program vulnerable to `shell injection
<http://en.wikipedia.org/wiki/Shell_injection#Shell_injection>`_,
a serious security flaw which can result in arbitrary command execution.
For this reason, the use of
*shell=True* is **strongly discouraged** in cases
where the command string is constructed from external input::
For this reason, the use of
``shell=True`` is **strongly discouraged**
in cases
where the command string is constructed from external input::
>>> from subprocess import call
>>> filename = input("What file would you like to display?\n")
...
...
@@ -334,6 +334,12 @@ functions.
into the shell (e.g. :command:`dir` or :command:`copy`). You do not need
``shell=True`` to run a batch file or console-based executable.
.. warning::
Passing ``shell=True`` can be a security hazard if combined with
untrusted input. See the warning under :ref:`frequently-used-arguments`
for details.
*bufsize*, if given, has the same meaning as the corresponding argument to the
built-in open() function: :const:`0` means unbuffered, :const:`1` means line
buffered, any other positive value means use a buffer of (approximately) that
...
...
@@ -375,15 +381,6 @@ functions.
child process. Note that on Windows, you cannot set *close_fds* to true and
also redirect the standard handles by setting *stdin*, *stdout* or *stderr*.
If *shell* is :const:`True`, the specified command will be executed through the
shell.
.. warning::
Enabling this option can be a security hazard if combined with untrusted
input. See the warning under :ref:`frequently-used-arguments`
for details.
If *cwd* is not ``None``, the child's current directory will be changed to *cwd*
before it is executed. Note that this directory is not considered when
searching the executable, so you can't specify the program's path relative to
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
